AToken (Aave V3)
Audit Snapshot
- Status: ✅ pass
- Source type:
npm - Source path:
third_party/famous-contracts/sources/@aave/core-v3/contracts/protocol/tokenization/AToken.sol - Primary issue: No primary issue recorded.
- Audit corpus size: 98 contracts
Diagnostics
Total diagnostics captured: 1715
By Severity
| Severity | Count |
|---|---|
| warning | 1711 |
| error | 4 |
Most Common Codes
| Code | Count | Example |
|---|---|---|
| W121 | 1140 | duplicate constant state variable 'CALLER_NOT_POOL_ADMIN' detected while merging libraries |
| W200 | 552 | function 'safeTransfer' in 'IncentivizedERC20' overrides 'Context::safeTransfer' which is not marked 'virtual' |
| MANIFEST_WILDCARD_CONTRACT | 4 | contract 'IncentivizedERC20' requires wildcard contract manifest permissions (contract='*') due to dynamic contract calls. This is riskier than fixed contract hashes; use --deny-wildcard-contracts to make this a hard error. |
| RAW | 4 | [info][NEP-17] NEP-17 transfer method has 2 parameter(s), spec expects 4. See STANDARDS_MAPPING.md for details. |
| W101 | 4 | function 'transfer' has 2 parameters (ERC-20 pattern). NEP-17 requires 4 parameters: transfer(from, to, amount, data). The from address is verified via Runtime.checkWitness() and data (type Any) is forwarded to the recipient's onNEP17Payment callback. |
| W103 | 4 | ERC-20 method(s) [approve, allowance, transferfrom] detected. These are not part of the NEP-17 spec; Neo uses Runtime.checkWitness() for authorization instead of the approve/allowance pattern. You may keep them as extensions, but they will not contribute to NEP-17 standard detection. |
| W113 | 4 | Contract has transfer function but no onNEP17Payment callback. Other contracts cannot send tokens to this contract. |
| VALIDATION_WARNING | 2 | abstract contract 'VersionedInitializable' has 1 unimplemented function(s): [getRevision] |
| W108 | 1 | ERC-2612 permit pattern detected (7-parameter permit function). Neo N3 uses Runtime.checkWitness() for authorization; off-chain signature permits are not needed. |
Source diagnostic payload: docs/data/famous-contracts-audit-results.json.
References
- Global audit report: Famous Contracts on NeoVM
- Per-contract index: Original Famous Contracts
- Upstream contract path:
third_party/famous-contracts/sources/@aave/core-v3/contracts/protocol/tokenization/AToken.sol